aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2015-09-08 17:38:03 +0200
committerWladimir J. van der Laan <laanwj@gmail.com>2015-09-08 17:38:25 +0200
commit3224936bedd8fe777b23d43c253abd2c0cd95d22 (patch)
tree17f947b8ef78edc72d571ac039ede0baa4d0d500 /doc
parent0c2779514041b174c13d7cd3a66f1fd28e9026fa (diff)
parenta1df1e870b79200c70cf6a5e3201dab1e981a2a2 (diff)
Merge pull request #6635
a1df1e8 [docs] add libevent dependency to build-osx.md (Jonas Schnelli) d6a92dd [release notes] mention apache reverse proxy to re-enable SSL (Jonas Schnelli)
Diffstat (limited to 'doc')
-rw-r--r--doc/build-osx.md2
-rw-r--r--doc/release-notes.md30
2 files changed, 31 insertions, 1 deletions
diff --git a/doc/build-osx.md b/doc/build-osx.md
index dc319dd1c4..8fad8b5b00 100644
--- a/doc/build-osx.md
+++ b/doc/build-osx.md
@@ -32,7 +32,7 @@ Instructions: Homebrew
#### Install dependencies using Homebrew
- brew install autoconf automake berkeley-db4 libtool boost miniupnpc openssl pkg-config protobuf qt5
+ brew install autoconf automake berkeley-db4 libtool boost miniupnpc openssl pkg-config protobuf qt5 libevent
NOTE: Building with Qt4 is still supported, however, could result in a broken UI. As such, building with Qt5 is recommended.
diff --git a/doc/release-notes.md b/doc/release-notes.md
index 2fc601d435..e61933ddb2 100644
--- a/doc/release-notes.md
+++ b/doc/release-notes.md
@@ -27,6 +27,36 @@ Then, to tunnel a SSL connection on 28332 to a RPC server bound on localhost on
It can also be set up system-wide in inetd style.
+Another way to re-attain SSL would be to setup a httpd reverse proxy. This solution
+would allow the use of different authentication, loadbalancing, on-the-fly compression and
+caching. A sample config for apache2 could look like:
+
+ Listen 443
+
+ NameVirtualHost *:443
+ <VirtualHost *:443>
+
+ SSLEngine On
+ SSLCertificateFile /etc/apache2/ssl/server.crt
+ SSLCertificateKeyFile /etc/apache2/ssl/server.key
+
+ <Location /bitcoinrpc>
+ ProxyPass http://127.0.0.1:8332/
+ ProxyPassReverse http://127.0.0.1:8332/
+ # optional enable digest auth
+ # AuthType Digest
+ # ...
+
+ # optional bypass bitcoind rpc basic auth
+ # RequestHeader set Authorization "Basic <hash>"
+ # get the <hash> from the shell with: base64 <<< bitcoinrpc:<password>
+ </Location>
+
+ # Or, balance the load:
+ # ProxyPass / balancer://balancer_cluster_name
+
+ </VirtualHost>
+
Random-cookie RPC authentication
---------------------------------